package io.github.gaisad.amweb2.filter;

import jakarta.servlet.*;
import jakarta.servlet.annotation.WebFilter;
import jakarta.servlet.http.HttpFilter;
import jakarta.servlet.http.HttpServletRequest;
import jakarta.servlet.http.HttpServletResponse;

import java.io.IOException;

@WebFilter({"/dashboard", "/other-secret-page"})
public class AuthFilter extends HttpFilter {
    @Override
    protected void doFilter(HttpServletRequest req, HttpServletResponse res, FilterChain chain) throws IOException, ServletException {
        // 先判断用户是否登录成功
        // 判断依据：是否能从 session 中获取 user 属性值）
        Object loginUser = req.getSession().getAttribute("loginUser");
        if (loginUser == null) {
            res.sendRedirect(req.getContextPath() + "/403");
            return;
        }
        chain.doFilter(req, res);
        System.out.println("from resource");
    }
}
